CVE-2025-62505: SSRF in @lobehub/chat

Platform: nodejs
Component: @lobehub/chat
Fixed in: 1.136.2 (1.136.3 also listed)
AI confidence: high · Source: NVD · EPSS: 0.0% · Reviewed: May 2026

CVE-2025-62505 describes a Server-Side Request Forgery (SSRF) vulnerability in the @lobehub/chat component (LobeChat). The flaw lets an attacker make the server issue HTTP requests to attacker-chosen URLs, which can expose internal services or sensitive data reachable only from the server's network. It affects versions prior to 1.136.2 and was published on 2025-10-17; the fix shipped in version 1.136.2.

Impact and Attack Scenarios

The SSRF in @lobehub/chat comes from insufficient validation of client-supplied URLs in the tools.search.crawlPages tRPC endpoint. When a client sends an array of URLs and selects the 'naive' implementation, the server fetches each URL as given, without checking the scheme or whether the destination is an internal address. An attacker can therefore put internal targets into the array: loopback and localhost, RFC 1918 private ranges, or cloud metadata endpoints such as 169.254.169.254. Because the endpoint exists to return crawled content, a successful request hands the attacker the response body, which can mean unauthorized access to internal services, exfiltration of their data, and, if resource-intensive targets are chosen, a degree of denial of service against the server or the internal service it is pointed at.

Exploitation Context

What an attacker gains depends on the deployment: which internal HTTP services and cloud metadata endpoints the LobeChat server can reach, and how sensitive their content is. The CVE is not on the CISA KEV list and its EPSS score is very low (0.02%). The CVSS 3.1 vector rates Privileges Required as High, so the attacker needs an account able to invoke the crawling tool; with that access the request itself is trivial to build, since the only payload is a URL array with internal targets. No public proof-of-concept is widely circulated, but none is needed, so the probability of exploitation is best treated as medium for internet-exposed instances. There is no mitigation beyond upgrading.

Threat Intelligence

Exploit Status

Proof of Concept: Unknown
CISA KEV: No
Internet Exposure: High

EPSS

0.02% (6th percentile)

CISA SSVC

Exploitation: poc
Automatable: no
Technical Impact: partial

CVSS Vector

CVSS 3.1 base score: 3.0 (LOW)
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N
Attack Vector: Network (how the attacker reaches the target)
Attack Complexity: High (conditions required to exploit)
Privileges Required: High (authentication level needed to attack)
User Interaction: None (whether a victim must take action)
Scope: Changed (impact beyond the vulnerable component)
Confidentiality: Low (risk of sensitive data exposure)
Integrity: None (risk of unauthorized data modification)
Availability: None (risk of service disruption)
Source: nextguardhq.com, CVSS v3.1 base score
What do these metrics mean?
Attack Vector
Network — remotely exploitable over the internet. No physical or local access required. Widest attack surface.
Attack Complexity
High — requires a race condition, non-default configuration, or specific circumstances. Harder to exploit reliably.
Privileges Required
High — admin or privileged account required to exploit.
User Interaction
None — attack is automatic and silent. Victim does nothing: no click, no file open.
Scope
Changed — successful attack can pivot beyond the vulnerable component to other systems or the host OS.
Confidentiality
Low — partial or indirect data access. Attacker gains limited information.
Integrity
None — no integrity impact. Attacker cannot modify data.
Availability
None — no availability impact. Service remains fully operational.

Affected Software

Component: @lobehub/chat
Vendor: osv
Affected range: < 1.136.2
Fixed in: 1.136.2 (1.136.3 also listed)

Weakness Classification (CWE)

No CWE is listed on this page. Server-Side Request Forgery is conventionally classified as CWE-918.

Timeline

  1. Reserved
  2. Published (2025-10-17)
  3. EPSS updated

Mitigation and Workarounds

The fix for CVE-2025-62505 is to upgrade @lobehub/chat to 1.136.2 or later, which validates the URLs passed to tools.search.crawlPages before the server fetches them. The upstream advisory lists no workaround. If the upgrade must wait, reduce what the server can reach rather than relying on a WAF: a WAF inspects inbound requests and never sees the server's own outbound fetches. Use an egress proxy or a host/network firewall policy that denies the application's outbound HTTP to 127.0.0.0/8, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 and 169.254.0.0/16 (which covers the 169.254.169.254 metadata endpoint), plus the IPv6 equivalents (::1, fc00::/7, fe80::/10), and restrict the crawling tool to trusted users where the deployment allows it. After upgrading, confirm the fix by invoking tools.search.crawlPages with a URL that points at an internal resource, for example http://127.0.0.1/ or http://169.254.169.254/; the request should be rejected rather than fetched.

How to fix

Update LobeChat to version 1.136.2 or later. This version fixes the SSRF vulnerability in the native web fetch module. There are no known workarounds, so updating is the only way to mitigate the risk.

Frequently asked questions

What is CVE-2025-62505 — SSRF in @lobehub/chat?

CVE-2025-62505 is a Server-Side Request Forgery (SSRF) vulnerability in the @lobehub/chat component, allowing attackers to make HTTP requests to arbitrary URLs. This can expose internal resources.

Am I affected by CVE-2025-62505 in @lobehub/chat?

You are affected if you are using @lobehub/chat versions prior to 1.136.2. Assess your dependencies to determine if you are vulnerable.

How do I fix CVE-2025-62505 in @lobehub/chat?

Upgrade to version 1.136.2 or later of @lobehub/chat. The upstream advisory lists no workaround; until you upgrade, egress filtering (proxy or firewall rules denying the server's outbound HTTP to loopback, private and link-local ranges) limits what an SSRF can reach but does not remove the flaw.

Is CVE-2025-62505 being actively exploited?

There are currently no reports of active exploitation, but the vulnerability's nature makes it potentially exploitable.

Where can I find the official @lobehub/chat advisory for CVE-2025-62505?

Refer to the @lobehub/chat project's release notes and security advisories on their official repository for the latest information.
